Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

Victims of ransomware attacks who pay criminals to release their data may be held liable for violating U.S. sanctions — even if they don’t know the true identity of their tormentors, advised the Treasury Department in a bulletin last week.

Why it matters: The move could doubly punish the victims of ransomware attacks.

Between the lines: The cyber criminals responsible for major ransomware attacks do not often volunteer their true identities to their victims, and the payment schemes are generally conducted anonymously using cryptocurrency.

  • It’s not just victims who might be subject to civil penalties for paying sanctioned ransomware attackers, says the Treasury, but also “those involved in providing cyber insurance, digital forensics and incident response, and financial services that may involve processing ransom payments.”

Background: The Treasury, through its Office of Foreign Assets Control, sanctions entities and individuals deemed national security threats — including state-linked hackers, terrorists and even transnational cyber criminal groups. Under these sanctions, U.S. persons or businesses are totally forbidden from facilitating or carrying out any financial exchange with these entities.

  • Some of these sanctioned groups, like the Russian cyber criminal syndicate Evil Corp, act generally on their own behalf and are motivated by private profit.
  • But other sanctioned entities, like the Lazarus Group, which is directly connected with North Korean intelligence, use ransomware attacks to pad the coffers of foreign governments.

By the numbers: Reports of ransomware attacks increased 37% from 2018 to 2019, according to the FBI, with a 147% spike in “associated losses” during that period, per the Treasury bulletin.

Go deeper: 🎧 Axios Re:Cap podcast: American health care held for ransom (listen here)

Go deeper

House Armed Services is paying more attention to cybersecurity — after big hack

Rep. Adam Smith. Photo: Scott J. Ferrell/Congressional Quarterly/Getty Images

House Armed Services Committee Chairman Adam Smith has outlined a plan for his body to improve its oversight of cybersecurity, although experts say suspected Russian cyberattacks show the focus is late in coming.

Why it matters: The alleged Russian penetration of the Pentagon and Treasury Commerce, State, Homeland Security and other departments shows the sweep of digital warfare and the need for an all-hands, all-of-government response.

Dan Primack, author of Pro Rata
22 mins ago - Economy & Business

Scoop: Red Sox strike out on deal to go public

Illustration: Sarah Grillo/Axios

The parent company of the Boston Red Sox and Liverpool F.C. has ended talks to sell a minority ownership stake to RedBall Acquisition, a SPAC formed by longtime baseball executive Billy Beane and investor Gerry Cardinale, Axios has learned from multiple sources. An alternative investment, structured more like private equity, remains possible.

Why it matters: Red Sox fans won't be able to buy stock in the team any time soon.